Legislative Tensions in Participation and Privacy

Two-thirds of the world’s Internet population now visit
an online community or blogging site and the sector now accounts for almost 10%
of all Internet time. A quarter of a million users sign up to social networking
sites every day worldwide and a third of those who have a profile on a social
network update it daily. Participation and privacy are critical success factors
that underpin healthy and vibrant online communities. It is essential that
Future Internet researchers understand the complexities of participation and
privacy in the design of systems to ensure that technologies are socially,
ethically and legally acceptable.

The lastest SESERV report explores perspectives on participation
and privacy within online communities by applying different analytical
techniques to a case study from e-Government.

In addition to discussing participation and privacy sheding light on the debate, each technique was assessed against the ability to 1) construct issues
and research challenges, 2) facilitate communication and debate, 3) assessment
of technology advances, 4) improve engineering design through insights from
other domains, 5) design legally compliant Future Internet systems and 6)
improve project design and decision making. The overarching conclusion was that
examining the issues from different perspectives highlights different concerns
that need to be considered within system requirements and architectural design.
CNO highlighted the need for mechanisms to facilitate federation between
different collaboration structures, tussles highlighted issues such as the
economic conflicts in outsourcing processing of personal data to clouds and
risk management identified the security mechanisms necessary for data
protection compliance.

From a participation and privacy perspective the results
showed that the goal to increase participation in political discourse through
the use of popular social networking sites has many attractions. Likewise, the
goal to comply with data protection legislation is also equally valid and as
well as necessary. The CNO analysis shows that a critical success factor (i.e.
participation) for social networking providers is to maximise activity, which
is achieved irrespective of the purpose of the communication between
individuals. The risk assessment highlights that for legal compliance providers
must take responsibilities (in respect to purpose) and individuals need to take
certain actions (e.g. consent). So here lies the contradiction. Privacy
compliance, often declared as a way to increase trust, and hence participation,
often impedes activity and actually acts as an inhibiter to participation in
many situations. In reality, individuals use social networking sites because
their perception of risk is considered low enough for participation. It is the
perception of and appetite for risk that that dictate levels of participation,
irrespective of associated regulation. Data protection can help but usually
where low-levels of trust exist.

This leads to an interesting challenge for European
service providers and research projects. How to balance strike the balance
between participation and privacy considering desires to monitor and mine data
without violating a citizen’s right to privacy? Architectures that facilitate
communication between individuals regardless of purpose have been important
innovators in the Internet. It is a principle that has contributed to the
explosion of Internet use (the end-point principle) and it is improbable that
the successful paradigms of the last decade, social networking and clouds,
would not have prospered if they had considered compliance to the European
regulatory environment. Each new paradigm has focused on promoting the benefits
of solutions and opted for weak privacy positions. The try it and observe
approach has allowed for a privacy balance to evolve over time as participants
explored their preferences rather than having them analysed in advance by
security experts. Social networking has been in fact a large experiment in
people’s appetite for privacy but how Europe strikes the balance between
participation and privacy remains a matter of serious debate.